Volume 4 Number 1 (Jan. 2009)
Home > Archive > 2009 > Volume 4 Number 1 (Jan. 2009) >
JCP 2009 Vol.4(1): 3-10 ISSN: 1796-203X
doi: 10.4304/jcp.4.1.3-10

Collecting Sensitive Information from Windows Physical Memory

Qian Zhao1, Tianjie Cao2
1School of Computer, China University of Mining and Technology Sanhuannanlu, Xuzhou, Jiangsu, 221116, China
2National Mobile Communications Research Laboratory, Southeast University Sipailou No.2, Nanjing, Jiangsu, 210096, China


Abstract—When investigators are faced with a target system, they want to find sensitive information such as userID and password. Unfortunately, sensitive information can not be found on the hard drive in most cases. Consequently, sensitive information needs to be gathered from physical memory. In our research, we have found lots of sensitive information from physical memory by different techniques. Besides userID and password, we also have found QQ-chat logs that never have been referred in other papers.

Index Terms—Memory forensics, sensitive information, live system.

[PDF]

Cite: Qian Zhao, Tianjie Cao, "Collecting Sensitive Information from Windows Physical Memory," Journal of Computers vol. 4, no. 1, pp. 3-10, 2009.

General Information

ISSN: 1796-203X
Abbreviated Title: J.Comput.
Frequency: Bimonthly
Editor-in-Chief: Prof. Liansheng Tan
Executive Editor: Ms. Nina Lee
Abstracting/ Indexing: DBLP, EBSCO,  ProQuest, INSPEC, ULRICH's Periodicals Directory, WorldCat,etc
E-mail: jcp@iap.org
  • Nov 14, 2019 News!

    Vol 14, No 11 has been published with online version   [Click]

  • Mar 20, 2020 News!

    Vol 15, No 2 has been published with online version   [Click]

  • Dec 16, 2019 News!

    Vol 14, No 12 has been published with online version   [Click]

  • Sep 16, 2019 News!

    Vol 14, No 9 has been published with online version   [Click]

  • Aug 16, 2019 News!

    Vol 14, No 8 has been published with online version   [Click]

  • Read more>>